Ask a Question Register Login

php - Twitter OAuth Identification

618

So I am trying to let my customers login in with Twitter, and just twitter.

Twitter says "You should never store a password for your users again", but how am I going to reauthenticate my users with twitters API?

If I resend the user to twitter after they have deleted their session, twitter asks the user again if they want to give acces to my application.

Is it at all possible to have seamless intergration with twitter accounts without ever storing local user data?

EDIT

It seems that the question is not extremely clear. What I have experienced using for example http://forum.jquery.com/. They use OpenID. I click "Login with google". I get redirected to google. Google remebers I gave acces to Zoho once and instantly sends me back to forums.jquery.com, this time with an access_token for zoho to authenticate me with. I have no persistent data with Zoho. Yet they can log me in.

What twitter with OAuth does is the following. A user comes to my site, they click "Login with twitter" and get redirected to twitter. Twitter asks them again whether they want to give the application access to their data. Instead of the immediate redirect google does.

Is it possible for twitter to immediatly redirect the user to me. Is there a setting for me I am overlooking.

578

Answer

Solution:

Send users to https://api.twitter.com/oauth/authenticate instead of https://api.twitter.com/oauth/authorize. If the user is already signed into Twitter and has previously authenticated with your app they will be redirected without seeing an allow/deny prompt.

258

Answer

Solution:

What you store from Twitter are the user's TOKEN and user's SECRET. Those values are issued by Twitter (or any oauth provider) when you are in the process of oauth authentication.

You can get the idea using this library in PHP:

https://github.com/abraham/twitteroauth

Or this one in Ruby:

https://github.com/jnunemaker/twitter

The process is quite straightforward once you tried with any real example. It is not difficult at all.

There are also some nice screencasts here:

http://railscasts.com/episodes/241-simple-omniauth

http://railscasts.com/episodes/235-omniauth-part-1

http://railscasts.com/episodes/236-omniauth-part-2

792

Answer

Solution:

Have you actually read the API?

Read the getting started page, you don't store passwords you store access tokens for the user. And if you want people to log in and register your going to have to store some data ;-)

578

Answer

Solution:

I had this problem exactly and solved it using setAuthorizedUrl method - for more details see here http://www.evilprofessor.co.uk/359-sign-in-with-twitter-using-zend-framework/

412

Answer

Solution:

This tutorials might Helpful for you.

Twitter API connect using oAuth

684

Answer

Solution:

Cristian comment is what I was looking for.

You have to save those values in any persistent storage, if not, your users will always need to go Twitter again.

Shame that twitter doesn't recognize that the users have already allowed my app and redirects automatically

People are also looking for solutions to the problem: php - Unable to scrape a specific part using Simple HTML DOM

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.